Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System
CVE-2018-3160

7.7HIGH

Key Information:

Vendor: Oracle
Status: Hospitality Cruise Shipboard Property Management System
Vendor: CVE Published:; 17 October 2018

Summary

This vulnerability exists in the Oracle Hospitality Cruise Shipboard Property Management System, allowing an attacker with privileged access to exploit the system. Successful exploitation requires some form of human interaction but can lead to a complete takeover of the application. Affected systems may experience significant disruptions, impacting not only the primary software but potentially related products as well. Organizations should ensure they are aware of this vulnerability and take necessary precautions to mitigate risk.

Affected Version(s)

Hospitality Cruise Shipboard Property Management System 8.0

References

http://www.securityfocus.com/bid/105632

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 17, 2018
Vulnerability Reserved
Dec 15, 2017